Director of Security - Cirium
Are you the security director Cirium (formerly FlightGlobal) is looking for? Cirium has grown its portfolio significantly through the acquisition of leading data intelligence companies, including Ascend, Innovata, Diio and FlightStats. We are seeking a security director to help us secure our estate and provide secure products to our customers.
Cirium is looking for a Director of Security to inform, build and implement security policy and governance into our software development pipeline. This role is responsible for the overall program of work that keeps our products and data systems secure. The right candidate will work directly with our global CISO to understand security practices and policies within our corporate parent organization. In addition, this role will work directly with the product development squads to help inform them on modifications necessary to their products in order to comply with necessary policies and security best practice. This position reports to the Cirium CTO and serves on the Technology Leadership Team which manages global strategic technology initiatives.
A valid passport and the ability to travel throughout the United States and United Kingdom is required. You will be working with a global team of highly talented and committed individuals bringing three companies together into one to form the aviation industry’s leading data and analytics provider.
Get things done right. Drive forward for results while maintaining solid relationships.
Positive attitude and the ability to assume best intent in all conversations
Frequent, open and honest communication, written and verbal
Ability to collaborate globally across time zones (i.e. wake up early)
Foster a culture of ownership and accountability
Ability to recognize, learn from, and celebrate both successes and failures
Ability to get the right people in the same room at the right time
You value products over projects
You value outcomes over output
Knowledge of security environments.
Knowledge of security strategy and architecture integration.
Ability to assess security policy effectiveness.
Knowledge of information security hardware/software.
Strong understanding of compliance and governance initiatives.
Analysis of security event for anomalous activity.
Identification of emerging security threats.
Vulnerability assessment, threat analysis, and reporting.
Promotion of security policies and implementation of security programs.
Monitoring of security systems for threats.
Strong skills in setting, communicating, implementing, and achieving business objectives and goals through the direct management of others.
Strong organization/project planning, time management, and change management skills across multiple functional groups and departments, and strong delegation skills involving prioritizing and reprioritizing projects and managing projects of various size and complexity.
Advanced problem-solving experience involving leading teams in identifying, researching, and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues; prior success extracting/translating findings into alternatives/solutions, and identifying risks/impacts and schedule adjustments to facilitate management decision-making.
Advanced communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, etc., including diction/terminology and presenting information in a concise and effective manner to clients, management, and various departments using assorted communication mediums.
Provide management and general direction for the integration of security strategy and architecture with business and IT strategy.
Capability to plan and lead development initiatives.
Work with selected resource owners to identify company IT assets that require security controls and determine appropriate security policies for identified resources.
Assess effectiveness of security programs within primary area of responsibility.
Plan and implement new or updated information security hardware or software, and analyze its impact on the applicable environment.
Conduct technical risk assessments, such as vulnerability scanning, penetration testing, risk reviews for new applications, and third-party risk assessments.
Work with team of engineers to ensure timely and accurate performance of all team activities.
Responsible for analyzing/validating the requirements, defining the access rules, scripting the changes, and providing troubleshooting support related to any access issues.
Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.
Compliance and governance: help achieve compliance, identify compliance initiatives, and author and promote appropriate security policies.
Lead, analyze, and review security events for anomalous activity, and collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.
Lead the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions.
Develop and implement security programs: manage and execute project deliverables; communicate to affected stakeholders including departments within the company; develop program procedures including guidelines and flow diagrams to be implemented on an ongoing basis; and develop tools or metrics that allow for the measurement of successful program implementation.
Communication and outreach: maintain communication with peers throughout the organization and security contacts including Business Units and subsidiary locations; survey clients to determine appropriate communication methods; deliver solutions to help raise security awareness; and develop and disseminate information regarding security controls and newly identified risks.
Assess and measure security programs to ensure closed-loop operations, seek out and execute upon opportunities to reap program maturity, and deliver innovative solutions to obtain efficiencies.
Carry out management responsibilities in accordance with the organization’s policies, procedures, and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; and addressing complaints and resolving problems.
Ensure all staff is provided with training and resources needed to perform their jobs to the most outstanding degree possible. Ensure all staff is provided with frequent feedback and coaching in order to meet and exceed individual and team performance goals consistently.
Manage and encourage new ideas from staff to foster improvements through innovations.
Empower the staff to be accountable and responsible for their own actions and decisions.
All other duties as assigned.
Cirium employs a team of over 400 technologists, analysts, data scientists and market experts in the UK, US, Europe, India and Asia-Pacific. In 1909 we were the first to record the earliest days of flight and now in 2019, as Cirium, we are uniquely positioned to reshape the wider travel industry with our data intelligence solutions. Our people are at the centre of who we are. Whatever your background you are welcome. We are looking for talented and dynamic team players who focus on delivering successful outcomes.
We are a business where three out of our seven leaders are women, over 20 languages are spoken, where some leaders have grey hair and some have purple. Where our sales teams take time out to support local schools and our product teams champion local women back into the workplace. We are a flexible employer and happy to accommodate different working solutions for the right talent.
Cirium analyses the huge volume of data generated from the millions of flights a year to help keep the travel industry in motion:
35 million airline flights are tracked and 70 million passenger itineraries processed each year to alert corporate travel companies, travel agencies and airlines, so that travellers stay up-to-date with flight status and airlines minimize disruption
Over US$300 billion worth of airline tickets are analysed for market insights
Over 3.3 million flights are tracked per month covering over 97% of scheduled flights worldwide and more than 80% of tracked flights, matched to aircraft registration numbers so engine efficiency can be optimized per hour
US$5.3 trillion worth of aircraft assets are valued by Cirium each year, as part of strategy and pricing partnerships with the world’s top 50 lessors and tier one investment banks
Cirium has 10 offices worldwide and we celebrate our global diversity through events and networks throughout the year
Cirium is part of RBI, which is part of RELX, a FTSE 100 traded company (which was just named by Forbes as one of the world’s most innovative companies)
Our benefits stand out (they even include two days a year for you to dedicate to the charitable activity of your choice)
Cirium and RBI are founding members of the Tech Talent Charter, committed to increasing the ratio of women and under-represented groups working in technology
RBI is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact Talent Acquisition at email@example.com.